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DETAILED ACTION 

1. This office action is in reply to an amendment filed on October 29, 2004. Claims 1, 7, 10, 
16, 19 and 25 have been amended. Claims 1-27 are pending. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-27 are rejected under 35 U.S.C. 102(e) as being anticipated by Reiche (US 
Patent No. 6,092,196). 

4. As per claims 1 and 10, Reiche teaches a method that facilitates sharing authentication 
information between a plurality of servers within a distributed computing system, wherein the 
plurality of servers includes a first server and an authentication server (figure 1, customer 
servers 120, 150 and authentication server 110), the method comprising: 

receiving a communication from a client at the first server (customer server)[column 4, 
lines 54-62 and column 8, lines 47-54]; 

determining whether the client is known to the first server (i.e., checking for a special 
URL or specific cookie) [column 4, lines 58-62 and column 8, lines 55-64]; and 
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if the client is unknown to the first server, generating a first identifier for the client 
[column 4, lines 63-67 and column 8, lines 52-67], communicating the first identifier to the client, 
and directing the client to communicate the first identifier to the authentication server, so that the 
authentication server can attempt to associate the first identifier with a known client [column 5, 
lines 1-19, column 9, lines 1-25 and column 11, lines 25-43], thereby authenticating the client 
without requiring a user to enter a username and password again [column 6, lines 37-44 and 
column 11, lines 25-44]. 

5. As per claims 7 and 16, Reiche teaches a method that facilitates sharing authentication 
information between a plurality of servers within a distributed computing system, wherein the 
plurality of servers includes a first server and an authentication server (figure 1 , customer 
servers 120, 150 and authentication server 110), the method comprising: 

receiving a communication from a client at the authentication server, wherein the 
communication includes a first identifier generated by the first server for the client [column 4, 
lines 54-67, column 5, lines 1-15, column 8, lines 64-67 and column 9, lines 1-17]; 

determining whether the client is known to the authentication server [column 5, liens 15- 
17 and column 9, lines 17-23]; 

if the client is known to the authentication server, associating the first identifier with a 
pre-existing identifier for the client [column 6, lines 37-65]; and 

if the client is unknown to the authentication server, causing the client to store a cookie 
for the authentication server, wherein the cookie contains an identifier for the client, so that the 
authentication server can subsequently identify the client by examining the cookie [column 6, 
lines 37-65], thereby authenticating the client without requiring a user to enter a username and 
password again [column 6, lines 37-44 and column 11, lines 25-44]. 
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6. As per claim 19, Reiche teaches an apparatus that facilitates sharing authentication 
information between a plurality of servers within a distributed computing system (figure 1 , 
customer servers 120, 150 and authentication server 110), the apparatus comprising: 

a first server within the plurality of servers [figure 1 server 120]; 

a receiving mechanism within the first server that is configured to receive a 
communication from a client [column 4, lines 54-62 and column 8, lines 47-54]; and 

an identification mechanism within the first server that is configured to determine 
whether the client is known to the first server (i.e., checking for a special URL or specific cookie) 
[column 4, lines 58-62 and column 8, lines 55-64]; and 

wherein if the client is unknown to the first server, the identification mechanism is 
configured to, generate a first identifier for the client [column 4, lines 63-67 and column 8, lines 
52-67], communicate the first identifier to the client, and to direct the client to communicate the 
first identifier to the authentication server, so that the authentication server can attempt to 
associate the first identifier with a known client [column 5, lines 1-19, column 9, lines 1-25 and 
column 11, lines 25-43], thereby authenticating the client without requiring a user to enter a 
username and password again [column 6, lines 37-44 and column 11, lines 25-44]. 

7. As per claim 25, Reiche teaches an apparatus that facilitates sharing authentication 
information between a plurality of servers within a distributed computing system, the apparatus 
comprising: 

an authentication server within the plurality of servers [figure 1, authentication server]; 
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a receiving mechanism within the authentication server that is configured to receive a 
communication from a client, wherein the communication includes a first identifier generated by 
a first server within the plurality of servers for the client [column 4, lines 54-67, column 5, lines 
1-15, column 8, lines 64-67 and column 9, lines 1-17]; 

an identification mechanism within the authentication server that is configured to 
determine whether the client is known to the authentication server [column 5, liens 15-17 and 
column 9, lines 17-23]; and 

an association mechanism within the authentication server [column 6, lines 37-65]; 

wherein if the client is known to the authentication server, the association mechanism is 
configured to associate the first identifier with a pre-existing identifier for the client [column 6, 
lines 37-65]; 

wherein if the client is unknown to the authentication server, the association mechanism 
is configured to cause the client to store a cookie for the authentication server, wherein the 
cookie contains an identifier for the client, so that the authentication server can subsequently 
identify the client by examining the cookie [column 6, lines 37-65], thereby authenticating the 
client without requiring a user to enter a username and password again [column 6, lines 37-44 
and column 11, lines 25-44]. 

8. As per claims 2, 8, 1 1 and 17, Reiche teaches the method as applied above. 
Furthermore, Reiche teaches the method, wherein if the client is known to the authentication 
server, the authentication server associates the first identifier with a pre-existing identifier for the 
client [column 6, lines 37-65]; wherein if the client is unknown to the authentication server, the 
authentication server causes the client to store a cookie for the authentication server, wherein 
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the cookie contains an identifier for the client, so that the authentication server can 
subsequently identify the client by examining the cookie [column 6, lines 37-65]. 

9. As per claims 3, 12 and 26, Reiche teaches the method as applied above. Furthermore, 
Reiche teaches the method, wherein the authentication server determines whether or not the 
client is known to the authentication server by attempting to examine a cookie presented by the 
client to the authentication server [column 6, lines 37-65]. 

10. As per claims 4 and 13, Reiche teaches the method as applied above. Furthermore, 
Reiche teaches the method, wherein if the client is unknown to the first server, the method 
additionally comprises causing the client to store a cookie for the first server, so that the client 
can subsequently present the cookie to the first server in order to identify the client to the first 
server [column 10, lines 17-34]. 

11. As per claims 5, 9, 14, 18, 23 and 27, Reiche teaches the method as applied above. 
Furthermore, Reiche teaches the method, further comprising: receiving a username and a 
password from the client; attempting to authenticate the client based on the username and the 
password, and if the client authenticates, associating the username with the client [column 9, 
lines 27-33]. 

12. As per claims 6, 15 and 24, Reiche teaches the method as applied above. Furthermore, 
Reiche teaches the method, wherein determining whether the client is known to the first server 
involves: looking for a cookie presented by the client to the first server, and if such a cookie is 
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presented by the client, determining if the cookie contains an identifier that is known to the first 
server [column 10, lines 17-34]. 

13. As per claims 20 and 21 , Reiche teaches the method as applied above. Furthermore, 
Reiche teaches the apparatus, further comprising an authentication server within the plurality of 
servers [figure 1]; an association mechanism within the authentication server [column 6, lines 
37-65]; wherein if the client is known to the authentication server, the association mechanism is 
configured to associate the first identifier with a pre-existing identifier for the client [column 6, 
lines 37-65]; wherein if the client is unknown to the authentication server, the association 
mechanism is configured to cause the client to store a cookie for the authentication server, 
wherein the cookie contains an identifier for the client, so that the authentication server can 
subsequently identify the client by examining the cookie [column 6, lines 37-65]. 

14. As per claim 22, Reiche teaches the apparatus as applied above. Furthermore, Reiche 
teaches the apparatus, wherein if the client is unknown to the first server, the identification 
mechanism is additionally configured to cause the client to store a cookie for the first server, so 
that the client can subsequently present the cookie to the first server in order to identify the 
client to the first server [column 10, lines 17-34]. 

Response to Arguments 

14. Applicant's arguments filed October 29, 2004 have been fully considered but they are 
not persuasive. Applicant argues that in Reiche, cookie is valid for a particular customer server 
and if a user wishes to access a resource located on another customer server, a new cookie 
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must be constructed for a new customer server, and furthermore the procedure for constructing 
a new cookie requires the user to enter login information, in other words, Reiche requires the 
user to enter the username and password again. Examiner respectfully disagrees. 

Examiner would point out that Reiche teaches an authentication system that does not 
require a user to enter username/password again. "Once the user has been validated and the 
cookie holding the user ID and the authentication server user information placed in the user's 
browser, the interaction user/authentication server, where the user is required to input user ID 
and Password is no longer necessary in instances where the user connects with a 
different customer server" (see Reiche, col. 6, lines 37-44). Therefore the examiner asserts 
that Reiche teaches the claimed limitations as recited in the claims. Accordingly the rejection is 
respectfully maintained. 

Conclusion 

1 5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy 
as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing date 
of this final action. 
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Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Beemnet W Dada whose telephone number is (571 ) 272-3847. The 
examiner can normally be reached on Monday - Friday (9:00 am - 5:30 pm). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Beemnet Dada 
February 22, 2005 

SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




